Too Much Time on My Hands: Network-Scale Mitigation of NTP DDoS Attacks

Although NTP reflection/amplification attacks have been observed in the wild for many years, recent high-profile attacks have drawn more attention to them. In this webinar, a member of the Arbor Security Engineering and Response Team (ASERT) will conduct a deep dive into some recent NTP attacks. Network-scalable best practices for detection, classification, trace-back and mitigation of high-impact attacks, ranging from the tens of Mbps up to more than 300 Gbps in size, will be addressed.

If asked, “What’s our risk of a DDoS attack?”… Would you be able to answer with confidence? With all the attention given to ransomware, it’s easy to forget about availability protection. But the data is clear. DDoS attacks are increasing in frequency and complexity. And if not adequately prepared, the impact of a DDoS attack can be quite significant. To help you more accurately assess your risk of DDoS attacks, join Rob Ayoub, IDC Research Director and Tom Bienkowski, Arbor Networks Director of Product Marketing to learn about the latest trends in DDoS attacks and more importantly best practices in protection.

Hear about the mounting challenges ahead for those involved in day-to-day security operations.
Arbor Networks' 13th Annual Worldwide Infrastructure Security Report (WISR) offers a rare view into the most critical security challenges facing today’s network operators.This session will review the highlights from the report to help network operators understand the breadth of the threats that they face, gain insight into what their peers are doing to address these threats, and comprehend both new and continuing trends.

Attackers continuously have new tools, tactics and practices in their weapons arsenal. Human defenders must shift their strategies to more proactively uncover meaningful threats, and find ways that dramatically accelerate threat investigation.

Join us to hear:
- NETSCOUT’s Chief Security Officer discuss how the Arbor Spectrum threat analytics platform was used to help her team take detection and investigation to a new level.
- In depth examples of how security teams can begin or enhance their detection and investigation of attack campaigns.

So, you’ve justified, purchased and deployed your new DDoS attack protection solution. But can you assure executive management / the board that your organization is protected from the modern-day DDoS attack? Waiting to see if your protection works while under attack is not the right approach. Testing the products, people and process before an attack occurs is the industry best practice. Join Arbor Networks, the industry leader in DDoS attack protection solutions and LIFARS, an elite cybersecurity, digital forensics, and incident response firm to learn:

Tom Bienkowski Dir. DDoS Product Marketing Arbor Networks + Jim Hietala VP Business Development and Security The Open Group

Here’s a question for you…Is the DDoS attack protection you (may) have put in place years ago, still adequate to protect you from the modern-day DDoS attack? If not (or you’re not sure), then you are at risk. More importantly, how do you explain the risk and build the business case for protection to Executive Management / Board? Join Arbor Networks, the world leader in DDoS attack protection and Jim Hietala from The Open Group to learn:

- The latest trends in DDoS attacks and best practices in defense.
- How to use FAIR (Factor Analysis of Information Risk), to take a quantitative, financial approach to analyze the risk of DDoS attacks.
- How, using different Arbor Networks DDoS attack protection solutions, you can reduce your risk and loss exposure.
- Tips on how to present your risk analysis and business case for DDoS attack protection - in terms your Executive Management/Board will understand.

The data is crystal clear. DDoS attacks are dramatically increasing in size, frequency and complexity. Unfortunately, many organizations have been severely impacted by DDoS attacks simply because they either assumed they would never be the target or they thought they had adequate protection in place. Join IP Networks and Arbor Networks - the industry leader in DDoS attack protection products and services to learn:

According to data from Arbor Networks’ Active Threat Level Analysis System (ATLAS), a DDoS attack occurs every 6 seconds in the world. When you’re under attack; time is of the essence. The organization that you protect doesn’t care about attacks details such as size, vectors etc. All they care about is how fast you can stop the attack to minimize impact. Your best defense against the modern-day DDoS attack is an automated, intelligently layered approach to DDoS attack detection and mitigation. Join Arbor Networks, the industry leader in DDoS attack protection solutions, to learn about the latest trends in DDoS attacks and best practices in defense – including a demonstration of Arbor’s fully automated, intelligently integrated, combination of on premise and in-cloud DDoS attack protection solution.

A study by McKinsey suggests the increased operational risk of digital innovation threatens 6% of the net profit for a retail bank. Renowned hactivist group Anonymous’ OpIcarus; a Distributed Denial of Service (DDoS) attack siege on the world’s banking infrastructure and other well publicized successful attacks have exposed just how vulnerable banks are to such threats. The reality is modern day DDoS attacks are getting more frequent, more sophisticated, and are commonly used as a distraction during the data exfiltration stage of advanced threat campaigns. The unfortunately reality is that in many cases, these attacks succeed because the targets were simply inadequately prepared to stop them.

You've read the headlines. DDoS attacks as large as 800Gbps impacting major banking, entertainment and communications companies. But the stories that don't get media coverage are the much more frequent, smaller DDoS attacks under 1 Gbps that are large enough to overwhelm the internet access capacity of most organizations.

So what can your network team do to ensure uninterrupted availability? The answer is to rely upon a cloud-based, managed DDoS attack protection service.

Attend this webcast to learn:
• That the vast majority of DDoS attacks, which are less than 2 Gbps in size, are large enough to overwhelm most organizations’ internet bandwidth.
• How enterprises and service providers can augment their on-premise DDoS attack protection solutions with in-cloud mitigation.
• What to expect from a cloud-based DDoS Mitigation Service Provider and why an always on, in-cloud solution may not be the best option for protection.
• How Arbor’s fully integrated cloud-based and on-premise DDoS attack protection solution offers the industry’s most comprehensive form of protection.

While some enterprises may think that have secured their key services against DDoS attacks simply by deploying intrusion prevention systems (IPS) or firewalls in front of their servers, they are actually exposing their organizations to service outages.

451 Research went underground to talk to black and white hats in the industry to get the details on the latest attack tools and approaches.

Register for this webinar to learn:

• We now have an adversary more likely to solve a problem like an IT administrator, than Hollywood’s depiction of a hacker.

• What do you need against an adversary with a high degree of technical skills and familiarity with the tools IT administrators use?

• The cloak of payment systems such as Bitcoin now simplify the attacker’s payroll while reducing risk of exposure considerably. New style of Denial-of-Service attacks and fully automated attack platforms now capitalize on trends such as ransomware for today’s get-quick-rich schemes.

• What do you need to protect your organization with attacks built to deliver the fastest Mean Time To Pay?

Arbor Networks' 12th Annual Worldwide Infrastructure Security Report (WISR) offers a rare view into the most critical security challenges facing today’s network operators.This session will review the highlights from the report to help network operators understand the breadth of the threats that they face, gain insight into what their peers are doing to address these threats, and comprehend both new and continuing trends.

A discussion on the latest cyber-attack methods and approaches, including ransomware, facing security teams. Quickly identifying malicious or suspicious network traffic communications can be the key to faster detection and effective response. We demonstrate how to quickly identify the signs and shut down malicious activity in the network and access data where and where you need it from your security infrastructure.

This joint webinar between IDC and Arbor Networks will discuss how the threat landscape is rapidly evolving with financially motivated attackers, nation-states, and hacktivists out to disrupt business operations, steal data, or conduct corporate or cyberespionage.

IDC analyst Rob Westervelt will examine an emerging category of solutions called Internal Network Traffic Analysis, which provide innovative approaches to attack detection and prevention. A comprehensive approach for data protection has network monitoring and traffic inspection at its core. Network traffic analysis is an essential element of most threat prevention and data protection strategies. He will explore why these solutions are a requirement and describes the most critical components necessary to identify and contain attacker movement before critical network resources and servers containing sensitive data are exposed.

Arbor’s Arabella Hallawell, herself a former industry analyst with Gartner, will discuss the role of Arbor Networks solutions in addressing the challenges described above.

Despite years of headlines, many businesses today are under-invested and ill-prepared to handle modern DDoS attacks. Many wrongly believe they are not being targeted by DDoS attacks, and are in fact experiencing outages due to DDoS attacks that are being attributed to equipment failures or operational error because the companies lack DDoS visibility and defense. Still more rely on existing, more traditional, security devices such as firewalls and intrusion prevention systems (IPS), or a single layer of protection from their ISP or content delivery network (CDN). In each case, these businesses are exposed and only partially protected. Firewalls and IPS are stateful devices that are often targets of DDoS attacks, while cloud-only or CDN protection does not provide adequate protection for critical business applications.

Join this webinar with Arbor Networks and IDC to understand exactly how the stakes have changed, and what it means for the assumptions organizations have been making with regard to protecting the availability of their business-critical websites, services and applications. In light of the recent attacks, we will expose the multiple attack vectors of the Mirai IoT botnet and provide best practices for mitigation.

Learn:

• About the evolution of DDoS attacks
• The implications for DDoS defense
• Current best practices in DDoS defense

The history of DDoS provides a clear, unambiguous guide as to where things are going - attacks are becoming more expansive, impacting a wider variety of targets, and the durations are longer and more destructive. Response strategies however, have kept pace and can handle the scale. Available in variety of deployment options and informed by vast quantities of intelligence, the right technology can empower you to stay abreast the threats and prevent or mitigate the inevitable attacks. The key is in discovering the optimal match between your architecture and the available solutions.

With new technologies appearing almost daily, attackers have a constant stream of potential new tools, tactics and practices to evaluate as offensive weapons. This constantly expanding attack surface forces defenders to assess each as well in an ever-escalating arms race.

But this can cause an over-dependence on technology and an under-appreciation of the human nature and behavior of adversaries. The desire for waves of more and more machine-generated data to consume and assess is in fact boggling minds and breaking team and process effectiveness.

As human defenders realize this, they shift strategies to proactive approaches, to focus on fundamentals that truly uncover meaningful threats, and force multipliers that dramatically accelerate threat investigation and disruption

Join Arbor’s Paul Bowen for a discussion on how using humans to combat humans is the new normal...

With new technologies appearing daily, attackers have a constant stream of potential new tools, tactics and practices to use as offensive weapons. This constantly expanding attack surface forces defenders to assess each as well in an ever-escalating arms race.
But this can cause an over-dependence on technology and an under-appreciation of the human nature and behavior of adversaries. The desire for waves of more machine-generated data to consume and assess is in fact boggling minds and breaking team and process effectiveness.
As human defenders realize this, they shift strategies to proactive approaches, to focus on fundamentals that truly uncover meaningful threats, and force multipliers that dramatically accelerate threat investigation and disruption.

A 2015 McKinsey study suggests oil and gas companies could realize $1B in cost savings or production increases by better leveraging existing data and IT technologies. Convergence of Industrial Control System (ICS) networks with corporate IT and partner networks is one such way to increase productivity; the downside it that this also increases risk.